Weekend news review: March 17-21

Sally Beauty confirms that customer data was accessed in breach

After initially finding “no evidence” that customer card data was taken after a breach, Sally Beauty has now confirmed that fewer than 25,000 records containing card data were illegally accessed by intruders.

IBM claims no data or source code was handed over to NSA

In an open letter to its clients, the software and IT services giant made some weighty assurances that it has not helped the government spy agency obtain customer data through contested surveillance programs.

Attackers have been able to sustain a far-reaching spam and malware campaign by using a backdoor trojan to compromise thousands of Unix and Linux servers, according to a white paper published by ESET.

Three indicted for roles in global cyber crime scheme

Three men were charged in a New Jersey District Court for their alleged roles in a cyber crime scheme that attempted to defraud companies, their customers, and the IRS. The ruse made them more than $15 million.

$30 RAT, WinSpy, involved in two phishing campaigns

Two phishing campaigns have been uncovered by experts at FireEye. The operations involve a remote administration tool known as WinSpy. The malware sells for $30 and comes packaged with an Android component known as GimmeRAT.

Two-year-old PHP bug still being exploited via unpatched servers

Researchers with Imperva discovered that a PHP vulnerability originally disclosed in March 2012 is still impacting unpatched servers. More than 80 percent of all websites on the internet are written in the server-side scripting language.

Breaches, malware to cost $491 billion in 2014

A joint study from IDC and the National University of Singapore indicates that enterprises around the globe will spend around $500 billion in 2014 on making fixes and recovering from data breaches and malware.

NSA hacks system admins to gain access through gatekeepers

The latest Edward Snowden leaks reveal that after collecting the email or social media accounts of system admins, the National Security Agency (NSA) uses its arsenal of surveillance tools to hack these network gatekeepers.

This week's news included another retailer confirming a breach, a nasty trojan compromising thousands of Unix and Linux servers, and a new study indicating that nearly $500 billion will be spent in 2014 on recovery initiatives when dealing with data breaches and malware. For a deeper look at these news bits, visit our news section.